28 June 2011

PESpin Freeware PE-File Compressor/Protector

PESpin is a protector and compressor for Windows executable files (EXE, DLL), coded in pure assembly using MASM. It compresses the whole executable (code, data and resources) while leaving it executable, and protects against patching and disassembly.


Changelog:
- v1.33 - x32
+ added support for vs2010 files
+ minor bugs fixed

- v1.21 - x64
+ fixed DLLs compatibility with IE9
+ minor GUI changes

- v1.2 - x64
+ added password protection
+ added overlays handling

Compatibility with Windows® XP/Vista/7

Screenshots
Homepage + Downloads

This post covers an executable packer that is not often used. Expect a high false-positive rate from most AV products, and ratings from related tools such as WOT may be low. Most AV products cannot unpack the packer or files packed with it, so they cannot scan inside the binaries and falsely flag them as a virus.

Analysis reports for PESpin.exe 32-bit (the behavior is harmless, with no online connections, which shows that the many AV products reporting it as a Trojan are wrong): Anubis | CWSandbox | ThreatExpert

Bitsum's PECompact had similar problems with false positives, and its author wrote on his page that security companies needing assistance to scan inside the compressed modules will be given support.
PECompact is likewise an outstanding EXE packer for making files smaller, but because malware authors abuse such tools, its distribution has been limited.
It would be great if all AV products implemented unpacking support to scan inside packed exe/dll/ocx files and reduce the large number of false-positive alerts, instead of falsely flagging all such files as viruses.

Malwarebytes Anti-Malware PRO review - write a comment and one of 16 licenses can be yours

Gone are the days when installing an antivirus alone was enough to be protected from every danger out there and achieve maximum security.

Malware includes viruses, worms, trojans, rootkits, spyware and so forth. It is constantly evolving, so it becomes increasingly difficult to detect and remove.

To protect against this kind of malware and security threat we have Malwarebytes Anti-Malware, better known as MBAM. MBAM is one of the most effective, powerful and sophisticated antimalware applications. Being lightweight and easy to use puts it at the top among its competitors.



It is quite easy to set up and use, and the settings look quite simple too. It has a few horizontal tabs for easy navigation. The interface has nothing complicated in it, and even novice users can operate it easily.


It has 3 scan types: Quick scan, Full scan and Flash scan. A quick scan will scan the system for malicious files, the full scan will thoroughly scan all the drives and the flash scan will analyze the memory and autorun objects.
Just for testing purposes I did a quick scan on my system. It took around 2 mins and, as expected, it didn't find anything malicious. It was extremely fast and accurate. It keeps all the scan details in log files. You can find all the log files under the Logs tab.



Malwarebytes Anti-Malware comes in 2 flavors, FREE and PRO. The difference between FREE and PRO is given below.


The Pro version has a realtime protection module, automatic site protection and scanner and updater scheduler.



My Verdict:

Pros:

  • Effective and efficient malware detection and removal.
  • 3 types of scan make it a versatile antimalware application.
  • Scan time is pretty fast.
  • Simple user-friendly interface. Nothing complicated.
  • Regular updates to give complete and up-to-date protection.
  • Compatible with other security suites.
  • Automatic malicious site protection.


Cons:

  • Dull-looking GUI gives it a really unimpressive look.
  • Cannot detect/remove tracking cookies.
  • The system boot-up time slightly increased with realtime protection enabled.


Malwarebytes Anti-Malware is one of the most powerful antimalware applications currently available. It has a high detection and removal rate. It is extremely effective. It can not only recover an affected PC but also protect it from malware or viruses with its realtime protection. Its easy-to-use interface and uncomplicated nature add to its advantages. So I'll certainly recommend it to each and every user.

Reviewed by: Alpha

16 Licenses of Malwarebytes Anti-Malware PRO are available for our readers.
To join the contest, leave a comment and tell us which security software you have installed on your PC (AntiVirus/Firewall/etc...)

On 4th July 2011 we will draw 16 winners from all comments and send their email addresses to malwarebytes.org for the licenses.

Many thanks to Malwarebytes Corporation, sponsor of this GiveAway

Emule 0.50a ZZUL TRA TL 0.6a

0.6a
> now i stop the develop for a while due to rl problems, but i'm happy because this version has almost all features that i wanted in emule,
> obviously this is related to my current knowledge about emule and its mods (also previous version mods).
> Hopefully next version will take all (or almost all) updates of zzul tra versions above 2.3
// pier4r - SortRatingUsingAlsoCAvalues -
// pier4r - CABanForBadClientsForLongTime -
// pier4r - noReaksAndFastXSsaveBetweenSessions -
// pier4r - PunishmentForClientsThatRequestMoreThanRatio1:3 -
// pier4r - show2digitsCAinClientDialog -
// pier4r- OneQueuePerFileSimulation -
// pier4r - 1:3 ratio adapting2AverageUpload
// pier4r - noLengthyUploads -
// pier4r - GENERAL MODIFICATIONS -
// pier4r - slowDownSaveProcess -

Download

ed2k download src

27 June 2011

Buster Sandbox Analyzer for Sandboxie

Buster Sandbox Analyzer is a tool designed to analyze the behaviour of processes and the changes they make to the system, and then evaluate whether they are suspicious of being malware.
The changes made to the system can be of several types: file system changes, registry changes and port changes.
A file system change happens when a file is created, deleted or modified. Depending on what type of file has been created (executable, library, JavaScript, batch, etc.) and where it was created (in what folder), we can get valuable information.
Registry changes are changes made to the Windows registry. Here we can get valuable information from the modified values and from newly created or deleted registry keys.
Port changes are produced when an outbound connection is made to other computers, or when a port is opened locally and starts listening for incoming connections.
From all these changes we obtain the information needed to evaluate the "risk" of some of the actions taken by sandboxed applications.
Watching all these operations in an easy and safe manner is possible thanks to Sandboxie (http://sandboxie.com), an excellent tool created by Ronen Tzur.
Although Buster Sandbox Analyzer's main goal is to evaluate whether sandboxed processes behave like malware, the tool can also be used simply to obtain a list of changes made to the system, so if you install a piece of software you will know exactly what it installs and where.


Apart from system changes, other actions can also be considered suspicious of being malware: keyboard logging, ending the Windows session, loading a driver, starting a service, connecting to the Internet, etc.
None of the above operations is malicious in itself, but if they are performed when not expected, that is something we must take into consideration. It is therefore important to consider not only what actions are performed, but also whether it is reasonable for those actions to be performed.
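
A minimal sketch of this kind of evaluation, added here as an illustration and not Buster Sandbox Analyzer's own code or rules: the change records, extension and folder lists, weights and the `expected` parameter are all assumptions made for the example.

```python
from pathlib import PureWindowsPath

# Constructed sample: changes a sandboxed installer might leave behind.
SAMPLE_CHANGES = [
    ("file", "create", r"C:\Program Files\DemoApp\demo.exe"),
    ("file", "create", r"C:\Users\test\AppData\Local\Temp\upd.bat"),
    ("file", "create", r"C:\Windows\System32\drivers\demo.sys"),
    ("registry", "set", r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Demo"),
    ("registry", "set", r"HKCU\Software\DemoApp\Settings"),
    ("port", "listen", "0.0.0.0:4444"),
    ("port", "connect", "203.0.113.10:80"),
]

# Hypothetical rule data: file types that can run, and sensitive locations.
RUNNABLE_EXT = {".exe", ".dll", ".sys", ".js", ".bat", ".cmd", ".vbs"}
RISKY_DIRS = ("\\windows\\", "\\temp\\", "\\startup\\")
AUTORUN_KEYS = ("\\currentversion\\run", "\\services\\")

def score_change(kind, action, target):
    """Return (points, reason) for one change; the weights are illustrative."""
    t = target.lower()
    if kind == "file" and action in ("create", "modify"):
        if PureWindowsPath(target).suffix.lower() in RUNNABLE_EXT:
            if any(d in t for d in RISKY_DIRS):
                return 3, "runnable file in system/temp/startup folder"
            return 1, "runnable file written"
    elif kind == "registry" and any(k in t for k in AUTORUN_KEYS):
        return 3, "autostart registry location changed"
    elif kind == "port":
        if action == "listen":
            return 3, "listening port opened"
        return 1, "outbound connection"
    return 0, "no rule matched"

def evaluate(changes, expected=()):
    """Score changes, skipping (kind, action) pairs the analyst expects
    from this program (e.g. a browser making outbound connections)."""
    findings = []
    for kind, action, target in changes:
        if (kind, action) in expected:
            continue
        points, reason = score_change(kind, action, target)
        if points:
            findings.append((points, reason, target))
    return sum(p for p, _, _ in findings), findings

if __name__ == "__main__":
    total, findings = evaluate(SAMPLE_CHANGES, expected={("port", "connect")})
    print("risk score:", total)
    for points, reason, target in sorted(findings, reverse=True):
        print(f"  +{points} {reason}: {target}")
```
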

UPX 3.08 x64 for Windows and 32bit binaries


A 64-bit executable of UPX version 3.08 Dev has been released alongside the traditional 32-bit version.

Homepage and program description


If you are not so familiar with command-line tools, there is a great GUI that supports almost all of UPX's switches and parameters: Free UPX 1.4
To use the 64-bit version, replace upx.exe in the Free_UPX folder with the 64-bit one.


Compressing 64-bit Windows executables is not supported yet. UPX will show the error message "can't pack new-exe."


Dev Log
Summary log
Discussion

Downloads UPX 3.08 Dev:

x86: upx308w-dev.zip
x64: upx308w-x64-dev.zip
Download

26 June 2011

eMule v0.50a -XdP- v5.3


Changelog:
----------------
ADD : CountryBlock [block download from or upload to special editable countries | Friends and Community excluded!] (umeK)
ADD : new Prefpage with all advanced official preferences (umeK/MorphXT)
IMPROVE : enable/disable DL in bold on the fly [under advanced official prefs] (WiZaRd)
IMPROVE : rewritten Random Modstring code (umeK)
CHANGE : make "no server ads" switchable (umeK)
FIX : Client is always highid if we are connecting to them (Enig123)
FIX : Suifaker passing Ban because missing exclude from AntiUploaderBan calculation (umeK)
FIX/CHANGE : small changes on -XdP- prefspage [treecontrol] (umeK)
FIX/IMPROVE : rewritten and fixed Download Permissions code to work correctly with CountryBlock (umeK)
REMOVE : Drop Win95 support (MorphXT)
REMOVE : Remove MediaInfo 0.4 Support (DolphinX)
IMPROVE/CHANGE : more cleanings and changes around the source (umeK)



have fun !!!

Download

datei.to
ed2k download

----------------------------------------------------------------

visit www.sharing-devils.org
